AngryBirds.com, the website for the Rovio’s popular Angry Birds game has been hacked, with the website calling itself “Spying Birds” after recent revelations about the NSA and GCHQ feasting on data allegedly leaked by the app.
Rovio confirmed the hack (Zone-h mirror), and had the website back to normal on Wednesday morning, but not before the compromised website brought attention to the apps privacy leaking flaws, which was the intention of the hacker(s) going by the name of “Anti-NSA Hacker”.
The site was targeted after files leaked by NSA whistleblower Edward Snowden showed how the NSA and GCHQ were harvesting the personal data “leaked” from a number of smartphone apps, with Angry Birds used as a case study in the programme. The data often included a user’s location, political beliefs, and sometimes even sexual preferences.
Rovio issued a statement saying that they do not share data or collude with the NSA or GCHQ, or other spy agencies anywhere in the world, and blamed third party ad networks for the personal data leaks.
If ad networks are the target of spy agency data harvesting then it would appear that almost all users could be targeted if they browse any free ad-supported website, athough we do not have any information as to which networks could be compromised.
It is unclear whether Rovio’s servers or their DNS records were compromised, but after showing the hacked message for a short period, the site was taken down for around 90 minutes before being restored to its original state.